Blog

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities Threat Alert

May 31, 2019 | Mina Hao

Overview On May 15, 2019, local time, Cisco officially released a security advisory, announcing remediation of three critical remote code execution vulnerabilities (CVE-2019-1821, CVE-2019-1822, and CVE-2019-1823) in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPN).

Adobe Releases May’s Security Updates Threat Alert

May 30, 2019 | Mina Hao

Overview On May 14, 2019, local time, Adobe officially released May’s security updates to fix multiple vulnerabilities in its various products, including Adobe Flash Player, Adobe Acrobat and Reader, and Media Encoder.

2018 DDoS Attack Landscape-8

May 29, 2019 | Mina Hao

3.6  Industrial Distribution of Attack Targets From an industry perspective, cloud service/Internet data center (IDC), gaming, and e-commerce are top 3 industries suffering the most DDoS attacks.

DDoS Attacks and Mitigation

May 29, 2019 | Mina Hao

Nowadays, the advancement of information technology has brought tremendous convenience to people. Whether it is social networking or ecommerce, the Internet has become an integral and essential part of our lives. As Internet brought new opportunities, it also created new threats. DDoS is one of the most destructive form of threats. In the past decade, […]

Cybersecurity of Clouds over 10,000 Meters

May 27, 2019 | Mina Hao

Topic: Cybersecurity increasingly tends to be driven by IT instead of business. Enterprise security issues are no longer just concerned with the traditional infrastructure architecture, but have escalated to logical security issues of the business process as well as ecological security issues of multi-layered business.

A Look into RSA 2019: Cultural Blending and Capability Building During the Implementation of DevSecOps

May 24, 2019 | Mina Hao

As an increasing mature technical system in the security domain, DevSecOps, in nature, inherits the concept of shifting security to the left during the security development lifecycle (SDL). Simply speaking, DevSecOps is capability integration, continuous learning, and cultural blending. In fact, the concept of “blending” is also reflected by the theme of the DevSecOps Day […]

Microsoft Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708) Threat Alert

May 23, 2019 | Mina Hao

Overview On May 14, 2019, local time, Microsoft released security updates for May that address a critical remote code execution vulnerability (CVE-2019-0708) in Remote Desktop Services. The Remote Desktop Protocol (RDP) is not affected by this vulnerability. As the vulnerability may be exploited in worm-related attacks, users are advised to download appropriate patches and upgrade […]

2018 DDoS Attack Landscape-7

May 22, 2019 | Mina Hao

3.5  Analysis of IoT Attack Sources 3.5.1 Participation of IoT Devices in DDoS Attacks According to NSFOCUS’s IoT threat intelligence, some DDoS attacks are associated with IoT devices. By further analyzing the proportion of IoT devices in DDoS attack source IP addresses, we find that 3.14% are IoT devices. Although this proportion is relatively small, […]

A Retrospective Analysis of 300G DDoS Mitigation Powered by NSFOCUS Cloud DPS

May 21, 2019 | Mina Hao

The NSFOCUS multi-terabit DDoS protection was designed specifically to help enterprises regain control and build confidence with its vigorous layered protections against sophisticated attacks. With automation as an integral part of the NSFOCUS solution, DDoS attacks are detected and remediated immediately, with no disruption to services.

Machine Learning Algorithms Power Security Threat Reasoning and Analysis

May 21, 2019 | Mina Hao

RSA Conference 2019, an annual infosec event that brings all cybersecurity professionals together, kicked off in San Francisco, USA on March 4, 2019. This year’s Conference took “Better” as its theme, which reflected infosec players’ visions to constantly improve their own capabilities and work out better security solutions.